6,500 Dark Web Sites Offline After Hosting Service Attacked
The actor behind the attack on Daniel's Hosting, and their initial point of entry, remain unknown.
A Dark Web hosting provider, and all of its 6,500+ services, were taken offline last week after an unknown attacker gained access, ZDNet reports.
Software developer Daniel Winzen, who runs Daniel's Hosting, says an attacker infiltrated the database and deleted all accounts – including the server's root account. All data was destroyed; due to the design, he says there are no backups. The plan is to get things back up and running when the flaw enabling the breach is discovered and remediated, Winzen explains.
So far, his research shows the intruder was only able to obtain administrative rights over the database; it doesn't seem as though he had full system access. Some files and accounts unrelated to the hosting setups weren't affected in the breach, he adds.
The only vulnerability Winzen has found so far is a PHP zero-day vulnerability, which he doesn't think the attacker used to gain access.
Read more details here.
Black Hat Europe returns to London Dec 3-6 2018 with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.
About the Author
You May Also Like